Aaron Smith headshot

Aaron Smith

he/him

AI Security Architect | Agentic Systems & GenAI Governance | Enterprise Technical Leadership

View LinkedIn

About

Most AI security resumes start in 2023. Mine starts in 2002 with Bayesian classification, runs through AI/ML security at McDonald's 30,000+ locations, and lands in enterprise GenAI platform architecture for regulated financial services today.

I build and secure AI systems at enterprise scale as core production systems, not side projects. I operate autonomous agents with guardrails, separation of duties, and behavioral monitoring, and design governance frameworks so systems degrade safely, remain accountable, and keep humans in the loop where it matters.

What Sets Me Apart

AI Security Depth

OWASP LLM Top 10 threat modeling since v1.0, published GenAI threat models, production prompt injection defense, and pre-LLM AI/ML security experience since 2002.

Enterprise Scale

Fortune 100 CISO engagements, board-level risk communication, and regulatory testimony capability across FFIEC, HIPAA, SOX, and PCI.

Builder DNA

Built an $8.4M AppSec practice from zero and rationalized AON's global security perimeter, saving $12M+ per year.

Practitioner, Not Tourist

Operating production agentic systems with real guardrails. Not just talking about AI, but shipping it securely.

Current Role & Notable Engagements

Cybersecurity Architect, Advisor, Consultant & Engineer at Left Coast Specialists, Inc. (Mar 2002 - Present). Strategic security leadership and hands-on architecture across finance, healthcare, manufacturing, and technology.

  • AON: Rationalized global security perimeter and consolidated 12 vendors into one stack, saving $12M+ annually.
  • McDonald's: Led security assessment of pre-LLM AI/ML systems across 30,000+ global locations.
  • Regulated industries: Enterprise GenAI platform architecture and AI risk accountability programs.
  • Global finance: Cloud IAM architecture and implementations across AWS and Azure.
  • Executive advisory: Board-level security strategy and regulatory examination preparation.

Licenses & Certifications

CISSP (ISC2)
CISA (ISACA)
CRISC (ISACA)
GIAC Cloud Security Automation
GPEN (GIAC)
GCIH (GIAC)
GCWN (GIAC)
GMON (GIAC)

Start a Conversation

Discuss security architecture priorities, AI governance challenges, or enterprise transformation goals.

Schedule a Security Assessment